Executive Risk Summary
"A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. The affected device must be rebooted to resolve the DoS condition."
Operational Audit Arsenal
Target Type Firmware Image
Target Asset Snort Detection Engine
Standard Path Global Firmware
Manual Verification Required
This is a non-Windows asset (Cisco). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required Likely
Network traffic may be dropped, resulting in a denial of service (DoS) condition
Internal Work Notes
CVE-2024-20351: Cisco Firepower Threat Defense Snort Detection Engine vulnerability may cause network traffic to be dropped, resulting in a denial of service (DoS) condition. Reboot required to resolve.
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Official Advisoryhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq
Official Advisoryhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
Official Advisoryhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu
Official Advisoryhttps://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300
Related Cisco Threats
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.